-
Notifications
You must be signed in to change notification settings - Fork 197
/
model.go
52 lines (46 loc) · 1.19 KB
/
model.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package kubehunter
import (
"encoding/json"
"io"
"time"
sec "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
"github.com/aquasecurity/starboard/pkg/starboard"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
func toSummary(vulnerabilities []sec.KubeHunterVulnerability) (summary sec.KubeHunterSummary) {
for _, v := range vulnerabilities {
switch v.Severity {
case sec.KubeHunterSeverityHigh:
summary.HighCount++
case sec.KubeHunterSeverityMedium:
summary.MediumCount++
case sec.KubeHunterSeverityLow:
summary.LowCount++
default:
summary.UnknownCount++
}
}
return
}
func OutputFrom(config Config, reader io.Reader) (report sec.KubeHunterOutput, err error) {
imageRef, err := config.GetKubeHunterImageRef()
if err != nil {
return report, err
}
version, err := starboard.GetVersionFromImageRef(imageRef)
if err != nil {
return sec.KubeHunterOutput{}, err
}
report.Scanner = sec.Scanner{
Name: "kube-hunter",
Vendor: "Aqua Security",
Version: version,
}
report.UpdateTimestamp = metav1.NewTime(time.Now())
err = json.NewDecoder(reader).Decode(&report)
if err != nil {
return
}
report.Summary = toSummary(report.Vulnerabilities)
return
}